[lxc-users] not allowed to change kernel parameters inside container

jjs - mainphrame jjs at mainphrame.com
Sat May 25 17:55:59 UTC 2019


Given the developers stance, perhaps a temporary workaround is in order,
e.g. ssh-key root login to physical host e.g. "ssh <host> sysctl
key=value..."

Jake

On Mon, May 20, 2019 at 9:25 AM Saint Michael <venefax at gmail.com> wrote:

> I am trying to use sysctl -p inside an LXC container and it says
> read only file system
> how do I give my container all possible rights?
> Right now I have
>
> lxc.mount.auto = cgroup:mixed
> lxc.tty.max = 10
> lxc.pty.max = 1024
> lxc.cgroup.devices.allow = c 1:3 rwm
> lxc.cgroup.devices.allow = c 1:5 rwm
> lxc.cgroup.devices.allow = c 5:1 rwm
> lxc.cgroup.devices.allow = c 5:0 rwm
> lxc.cgroup.devices.allow = c 4:0 rwm
> lxc.cgroup.devices.allow = c 4:1 rwm
> lxc.cgroup.devices.allow = c 1:9 rwm
> lxc.cgroup.devices.allow = c 1:8 rwm
> lxc.cgroup.devices.allow = c 136:* rwm
> lxc.cgroup.devices.allow = c 5:2 rwm
> lxc.cgroup.devices.allow = c 254:0 rwm
> lxc.cgroup.devices.allow = c 10:137 rwm # loop-control
> lxc.cgroup.devices.allow = b 7:* rwm    # loop*
> lxc.cgroup.devices.allow = c 10:229 rwm #fuse
> lxc.cgroup.devices.allow = c 10:200 rwm #docker
> #lxc.cgroup.memory.limit_in_bytes = 92536870910
> lxc.apparmor.profile= unconfined
> lxc.cgroup.devices.allow= a
> lxc.cap.drop=
> lxc.cgroup.devices.deny=
> #lxc.mount.auto= proc:rw sys:ro cgroup:ro
> lxc.autodev= 1
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20190525/4eab6389/attachment.html>


More information about the lxc-users mailing list